Links
Austad, one of the hackers involved in the DraftKings breach, has pleaded guilty to conspiracy for computer intrusion and faces up to five years in prison. The attack likely compromised around 68,000 user accounts through credential stuffing, exploiting reused usernames and passwords. Two other co-conspirators have also pleaded guilty and received sentences.
Nicholas Moore, a 24-year-old from Springfield, Tennessee, is set to plead guilty to hacking the U.S. Supreme Court’s electronic filing system multiple times. Between August and October 2023, he accessed a protected computer without authorization on 25 different occasions. Details about the specific information he obtained remain unclear.
North Korean hackers are using spear phishing emails that mimic human rights organizations and financial institutions to distribute malware. This campaign, called "Operation Poseidon," is linked to the Konni hacking group and aims to exploit vulnerabilities in email security through deceptive links. Cybersecurity experts warn that these sophisticated tactics make such attacks difficult to defend against.
The article discusses how the anime "Ghost in the Shell" anticipated modern cybersecurity threats, featuring a rogue government-backed hacker called the Puppet Master. It explores parallels between the show's plot and real-world hacking tactics, including cyber espionage and tech-enabled abuse.
Mandiant has released rainbow tables that significantly simplify the process of cracking NTLMv1 passwords, allowing attackers to recover authentication keys in under 12 hours using consumer-grade hardware. The release transforms this previously theoretical vulnerability into a practical threat, requiring organizations to take immediate action to mitigate risks.
BreachForums, a hacking forum, has experienced a data breach with nearly 324,000 user accounts exposed. The leak includes usernames, registration dates, and some public IP addresses, raising concerns for users and law enforcement. The forum's administrator claims this data is not recent, originating from an earlier backup.
German security experts warn that state-backed hackers are using social engineering tactics to infiltrate the Signal messaging app of military leaders and journalists. They trick victims into revealing security codes or scanning malicious QR codes, allowing the attackers to access private conversations without detection.
Michael Clapsis, 44, received a 7-year and 4-month prison sentence for stealing personal information through Wi-Fi attacks at Australian airports and on flights. He created fake networks to capture users' credentials before being caught by authorities.
Albiriox is a new Android malware that gives attackers full control over infected devices, enabling financial fraud. It spreads through deceptive SMS messages and fake apps, using advanced techniques to evade detection. The malware is part of a subscription-based service offered by Russian-speaking cybercriminals.
Researchers at Stanford University tested an AI bot named Artemis, designed to find and exploit software vulnerabilities. The experiment revealed that Artemis could outperform professional penetration testers in identifying bugs on a real-world network.
France's Interior Ministry confirmed a significant cyberattack that compromised its email systems and potentially sensitive internal files. The hacker, known as Indra, claims deeper access to law enforcement databases and has threatened to sell the data unless contacted by the government. A 22-year-old suspect has been arrested, but authorities have not confirmed if he is Indra.
This article lists free cybersecurity and hacking events happening in December 2025. It includes various challenges and competitions focused on different skills, allowing participants to learn and win prizes. Each event has specific dates and links for more information.
Google reported that the North Korean group UNC2970 used its AI model, Gemini, for reconnaissance on high-value targets, including cybersecurity firms. This trend of hacking groups leveraging generative AI for malicious purposes raises concerns about the evolving methods of cyber attacks. Google is enhancing its safety measures to counteract these threats.
A 15-year-old hacker known as Rey has been linked to the Scattered LAPSUS$ Hunters group. His identity was revealed through an investigation that traced personal details and social media interactions, despite Rey's claims of wanting to leave the group and working with law enforcement.
Researchers have uncovered a new Windows malware campaign using Pulsar RAT and Stealerv37. This malware can steal passwords, crypto, and gaming accounts while allowing hackers to interact with victims through a live chat window. It evades detection by running entirely in memory and hijacking trusted system tools.
North Korean hackers are using Google’s Find Hub to track and factory reset Android devices of South Korean targets. They initiate attacks via spear-phishing on KakaoTalk, leading to data theft and device wipes to prevent recovery and spread malware to victims' contacts.
A hacker named Lovely claims to have accessed a Condé Nast database, leaking over 2.3 million user records and threatening to release an additional 40 million. While Condé Nast has been accused of neglecting security, a counterargument suggests the hacker is a criminal seeking a payoff. This breach adds to a troubling trend of cybersecurity incidents affecting high-profile companies.
A Chinese cyber group, UNC3886, breached Singapore’s top four telecom providers but didn’t disrupt services or steal sensitive customer data. The breach involved a zero-day exploit and led to a coordinated response from Singapore's Cyber Security Agency to contain the threat.
The ICE-tracking service StopICE accused a CBP agent of hacking its platform to send alarming text messages to users, falsely claiming their information was compromised. The app's developer, Sherman Austin, denied the allegations and stated that StopICE does not store personal data. The service has faced numerous DDoS attacks and claims to have traced the hacking attempt back to the agent's server.
Endesa, a major Spanish energy company, reported a data breach where hackers accessed and stole sensitive customer information, including national ID numbers and payment details. The breach affected millions of customers across Europe, prompting concerns over identity theft and security negligence.
North Korean hackers are using malicious Microsoft Visual Studio Code projects to deliver a backdoor that allows remote code execution. By tricking victims into cloning Git repositories and opening them in VS Code, the attackers exploit task configuration files to run harmful JavaScript payloads. This ongoing campaign targets software engineers, particularly in cryptocurrency and fintech sectors.
A cyberespionage group, identified as TGR-STA-1030, has compromised government and critical infrastructure systems in 37 countries, with evidence suggesting links to China. The group has targeted law enforcement, finance ministries, and telecommunications, raising serious national security concerns.
Ribbon, a major US telecom backbone provider, was targeted by a nation-state hacker. While no critical data was believed to be compromised, the company acknowledged that some customer files on two laptops were accessed. The attack is suspected to have ties to China, known for its cyberespionage activities.
At the ESCAL8 conference in New Mexico, Google awarded $458,000 to participants in its Hackceler8 capture the flag event, which featured eight teams selected from over 250 applicants. The event also included a two-day workshop aimed at inspiring local university students to pursue careers in cybersecurity.
The article features a live hacking demonstration by Kyle Hanslovan, former NSA operative and Huntress CEO. He showcases how hackers can exploit Microsoft 365, bypass MFA, and compromise systems in under 10 minutes using tactics like social engineering and credential theft.
Iranian hacking group APT42 has been conducting a sophisticated campaign against senior defense and government officials, using social engineering tactics and even targeting their families to apply pressure. The malware they deploy operates stealthily, blending with normal activity and employing various techniques to maintain persistence and exfiltrate sensitive data.
Protei, a Russian telecom company specializing in surveillance technology, was hacked, resulting in data theft and website defacement. The breach exposed around 182 gigabytes of files, including sensitive emails, and was linked to the company's involvement with deep packet inspection systems used for censorship. The hacker's identity remains unknown.
The US government announced a $10 million reward for information on Iranian hackers linked to the group Emennet Pasargad, now referred to as Shahid Shushtari. The group has been involved in cyberattacks against critical infrastructure and influence operations since at least 2020. Key individuals targeted include group leader Mohammad Bagher Shirinkar and employee Fatemeh Sedighian Kashi.
This article details a phishing scheme by DPRK hackers posing as recruiters. It analyzes the malware used in the scam, including code obfuscation techniques and how the attackers gather sensitive information from victims.
A hacktivist scraped over 536,000 payment records from a stalkerware provider, revealing customer email addresses and partial payment details. The data includes transactions for apps like uMobix and Xnspy, which are used to spy on individuals illegally. The breach highlights ongoing security failures within the stalkerware industry.
Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.
A China-linked hacking group known as Salt Typhoon has successfully breached the satellite communications firm Viasat. This incident highlights the ongoing risks to critical infrastructure from state-sponsored cyber threats, particularly in the context of geopolitical tensions.
A 21-year-old hacker was arrested in Spain for illegally accessing a government website to alter high school and university entrance exam grades for himself and classmates. The suspect, with a history of hacking, compromised accounts of at least 13 university professors and had a notebook detailing manipulated grades, leading to increased security measures on the educational platform used in the region.
The UNC2891 hacking group, known as LightBasin, utilized a 4G-equipped Raspberry Pi to infiltrate a bank's network, aiming to commit ATM fraud. Although their attempt to deploy a sophisticated rootkit named Caketap was thwarted, the attack showcased advanced techniques for maintaining stealth and lateral movement within the bank's systems.
A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.
Wallets can indeed be hacked, posing significant risks to digital asset security. Users must be aware of vulnerabilities in wallets and take necessary precautions to protect their funds from potential breaches and theft.
A 27-year-old former student of Western Sydney University has been arrested for allegedly hacking the university's systems to obtain cheaper parking and access confidential data, affecting hundreds of staff and students. Birdie Kingston faces 20 charges, including unauthorized access and data theft, and is accused of stealing over 100GB of data and manipulating academic records. Despite prior warnings from police, she continued her hacking activities, even threatening to sell stolen student information on the dark web.
Recent attacks linked to Chinese hacking groups have exploited a zero-day vulnerability in Microsoft SharePoint, breaching numerous organizations globally. The vulnerabilities, identified as CVE-2025-49706 and CVE-2025-49704, were actively targeted by multiple threat actors, prompting Microsoft and CISA to release emergency patches and recommend immediate action for affected entities.
Security vulnerabilities in a carmaker's web portal allowed a hacker to remotely unlock vehicles from anywhere, raising serious concerns about the security of connected car technologies. The breach highlights the need for stronger cybersecurity measures in the automotive industry to protect consumer data and vehicle safety.
The article discusses the alarming prevalence of weak passwords in the auto industry, highlighting how many smart cars are still using easily guessable passwords. This vulnerability poses significant security risks, as hackers could exploit these weaknesses to gain unauthorized access to vehicles and their systems.
Russian government hackers are reportedly behind a significant breach of the U.S. federal court filing system, raising concerns over the security of sensitive legal documents. The attack highlights the vulnerabilities in critical infrastructure and the ongoing threat posed by state-sponsored cyber activities. Investigations are underway to assess the extent of the damage and potential implications for national security.
Rachel Tobac, a cyber social engineer, discusses the art of persuasion in social engineering, emphasizing its dual nature as both a beneficial and deceptive practice. She explains how social engineers manipulate psychological principles to exploit human vulnerabilities, making it a sophisticated form of hacking that is often misunderstood.
Nippon Steel Solutions has reported a data breach caused by the exploitation of a zero-day vulnerability in their network equipment. Cybercriminals threatened to leak stolen data, but subsequently ceased communication, leaving uncertainty about the breach's details and any potential connection to other incidents.
A hacking group named Lab Dookhtegan has reportedly disrupted communications of Iranian ships, indicating a significant cyber attack on maritime operations. This incident highlights ongoing tensions and the increasing use of cyber warfare tactics in geopolitical conflicts.
North Korean hacking group Kimsuky has experienced a significant data breach after two ethical hackers, known as 'Saber' and 'cyb0rg,' leaked 8.9GB of the group's data, exposing their tools and stolen information. The hackers criticized Kimsuky for its politically motivated cyber activities and claimed their actions were aimed at revealing the group's unethical practices. This breach may complicate Kimsuky's operations and disrupt their ongoing campaigns, although its long-term impact remains uncertain.
Two Dutch teenagers, aged 17, were arrested for attempting to spy on Europol and Eurojust for Russia using WiFi sniffer devices. They were recruited via Telegram and apprehended following a tip from the Dutch intelligence service, with no compromise to Europol's systems reported. The case highlights a concerning trend of young individuals being targeted for espionage activities in Europe.
Over 40,000 security cameras worldwide are accessible via the internet, allowing potential hackers to exploit them for spying and other malicious activities. The cybersecurity firm Bitsight warns that these cameras, often used in homes and small offices, are at risk due to inadequate security measures, making them targets for cyberattacks. Users are advised to implement stronger security practices to protect their devices.
The article discusses insights from a telecom executive regarding the Salt Typhoon hacking group, emphasizing how their unconventional techniques are inspiring other hackers. It highlights the evolving tactics in cyberattacks and the implications for security in the telecommunications sector.
A new startup focused on zero-day vulnerabilities is offering $20 million for tools that can successfully hack any smartphone. This initiative aims to attract skilled hackers to enhance cybersecurity solutions amidst increasing smartphone security challenges.
The article discusses Xanthorox AI, a comprehensive hacking assistant designed for various cyber operations. It highlights its capabilities in navigating the dark web and performing full-spectrum hacking tasks, emphasizing its potential use by both ethical hackers and malicious actors. The implications of such a tool on cybersecurity and the ethical considerations surrounding its use are also touched upon.
The article discusses a report released by Anthropic, which highlights the growing threats posed by artificial intelligence in the realm of cybersecurity. It emphasizes the potential for AI to be used in hacking and other malicious activities, urging better frameworks to mitigate these risks. The report outlines various scenarios where AI could exacerbate security challenges in the digital landscape.
Hackers are exploiting a vulnerability in domain name system (DNS) records to hide malware, allowing malicious scripts to fetch binaries without detection by traditional security measures. Researchers from DomainTools discovered that malware was encoded in hexadecimal and distributed across multiple subdomains, enabling retrieval through seemingly harmless DNS requests. As encrypted DNS methods like DoH and DoT gain traction, monitoring this type of traffic may become even more challenging.
The article discusses a report on the malware traffic associated with the notorious Los Pollos Hermanos network. It highlights the methods used by cybercriminals to exploit vulnerabilities and distribute malicious software, shedding light on the ongoing challenges in cybersecurity. The findings underscore the importance of vigilance and proactive measures in combating such threats.
Nicholas Michael Kloster, a Kansas City resident, has admitted to hacking multiple organizations to promote his cybersecurity services. He was charged with accessing a protected computer and causing reckless damage during unauthorized access.
Clorox has filed a lawsuit against its IT provider, Cognizant, claiming that hackers accessed employee passwords through basic social engineering tactics. The lawsuit alleges that Cognizant failed to manage cybersecurity effectively and allowed unauthorized access to Clorox's network. Cognizant counters that it only provided limited help desk services and is not responsible for the cybersecurity breach.
Researchers from SquareX have demonstrated a method to bypass passkey security using WebAuthn process manipulation, allowing attackers to impersonate users without needing access to their devices. This vulnerability highlights risks associated with compromised browser environments rather than the cryptography of passkeys themselves.
Government minister Lucy Powell's X account was hacked to promote a cryptocurrency scam named "$HCC". The incident highlights a growing trend of cybercriminals targeting high-profile accounts to sell worthless coins, with efforts already made by Powell's office to secure her account and remove misleading posts.
Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.
A hacker successfully executed a voice phishing attack targeting Cisco customers, managing to steal their personal information. This incident highlights the ongoing risks associated with social engineering tactics in cybersecurity. Cisco has urged its clients to remain vigilant against such fraudulent schemes.
Conor Brian Fitzpatrick, the creator of the BreachForums hacking forum, has been resentenced to three years in prison after violating pretrial release conditions and pleading guilty to multiple charges, including conspiracy to commit access device fraud and possession of child pornography. His initial sentence of time served and 20 years of supervised release was overturned by an appeals court, leading to the new prison term. BreachForums was known for facilitating the trade of stolen data and illegal cybercrime services.
An attempt to create an autonomous AI pentester revealed significant limitations in AI's capability to effectively perform offensive security tasks. Despite its potential for planning and executing complex strategies, the AI struggled with accuracy and lacked the critical intuition and drive that human hackers possess. The project ultimately highlighted the importance of combining AI's strengths with human creativity and critical thinking in cybersecurity.
The article discusses methods for exploiting vulnerabilities in Windows drivers, aimed at beginners interested in cybersecurity and hacking. It provides insights into the process of weaponizing these drivers to gain unauthorized access or control over systems. This serves as a foundational guide for those looking to understand the intricacies of driver manipulation in the context of malicious activities.
The hacking group known as Scattered Spider, which previously caused significant disruption in Las Vegas, has returned to target U.K. retailers. Recent cyberattacks have impacted stores like Harrods and Marks & Spencer, leading to disruptions in online sales and potential customer data theft.
John Kindervag, creator of the Zero Trust Model, discusses an evolved understanding of hacking that contrasts with traditional views. He emphasizes that motivations for hacking are shaped by sociological, historical, and technological contexts, suggesting that today’s perception of hackers is too narrow and often overlooks their innovative potential.
Hackers are compromising end-of-life SonicWall Secure Mobile Access appliances, exploiting leaked administrator credentials and potentially using a custom backdoor malware called Overstep. Google’s Threat Intelligence Group urges organizations to analyze their devices for signs of compromise, as many details about the attacks and vulnerabilities remain unclear.
Radiology Associates of Richmond has reported a data breach affecting over 1.4 million individuals, with hackers accessing their systems for several days in April 2024. The compromised systems contained identifiable protected health and personal information.
Coinbase reported that hackers bribed overseas support agents to steal customer data, leading to potential costs of up to $400 million. The company received a ransom demand of $20 million but has refused to pay, instead offering a reward for information on the attackers. While sensitive customer information was accessed, no passwords or funds were compromised.
Over 624,000 individuals were notified of a data breach at Healthcare Services Group, where personal information, including Social Security numbers and financial details, was stolen. The breach occurred between September 27 and October 3, 2024, and was identified on October 7, 2024.
Matthew D. Lane, a 19-year-old college student, was sentenced to four years in prison for his role in a cyberattack on PowerSchool that led to a significant data breach affecting millions of students and teachers. He pleaded guilty to multiple charges, including unauthorized access and cyber extortion, and was ordered to pay $14 million in restitution. The attack involved stealing sensitive data and demanding a ransom, with ongoing legal scrutiny surrounding PowerSchool's security practices.
Sesame Street's Elmo account was hacked, leading to the posting of offensive racist and antisemitic content. The incident raised concerns about cybersecurity and the potential risks associated with social media accounts of popular children's characters. Immediate actions were taken to secure the account and address the situation.
Critical vulnerabilities in the BlueSDK Bluetooth stack could allow remote code execution on millions of vehicles, enabling hackers to gain access to car infotainment systems. The PerfektBlue attack can track locations, record audio, and potentially control vehicle functions by exploiting these flaws.
The Trump administration plans to allocate $1 billion for offensive hacking operations aimed at enhancing national security and cyber capabilities. This funding is part of a broader strategy to deter foreign cyber threats and bolster the U.S.'s offensive cyber capabilities. The initiative is expected to involve collaborations with private tech firms and intelligence agencies.
The article discusses Paul Hudson's initiative to teach kids aged 13 and up how to hack in a safe and engaging way through a game called Hacktivate. This game features 240 "capture the flag" challenges that cover various hacking techniques and computer science skills, aiming to inspire curiosity and provide structured learning in cybersecurity. Hudson emphasizes the importance of making hacking education exciting and accessible while addressing common issues found in existing learning materials.
The article discusses a security vulnerability found in the FIA's driver categorization portal, which allowed hackers to gain unauthorized admin access by exploiting a flaw in the HTTP PUT request process. The authors successfully manipulated their user profile to assume administrative roles, revealing sensitive information and control over the FIA's system. This piece is part of a series highlighting cybersecurity issues in Formula 1.